Fixing CAS bugs, version operationnal : can connect via CAS and subscribe/unsubscribe

d6900121 · Stephane Crozat · 2a5ba83c · d6900121 · d6900121 · d6900121
Commit d6900121 authored Oct 22, 2018 by Stephane Crozat
--- a/index.php
+++ b/index.php
@@ -9,8 +9,8 @@ if (!isset($_SESSION['ticket'])) {
  */

  include $_SERVER['DOCUMENT_ROOT'].'/apisub/lib/cas.php';
-  $cas = new CAS('https://cas.utc.fr/cas/','https');
-  $info = CAS::authenticate();
+  $cas = new CAS('https://cas.utc.fr/cas/','http');
+  $info = $cas->authenticate();
  if ($info != -1) 	{
    $_SESSION['ticket'] = $_GET['ticket'];
    $_SESSION['utclogin'] = $info['cas:user'];
@@ -19,7 +19,7 @@ if (!isset($_SESSION['ticket'])) {
    $_SESSION['firstname'] = $info['cas:attributes']['cas:givenName'];
  }
  else
-    CAS::login();
+    $cas->login();
 }

 include $_SERVER['DOCUMENT_ROOT'].'/apisub/lib/db.php';

--- a/lib/cas.php
+++ b/lib/cas.php
@@ -6,12 +6,12 @@ class CAS {
 	private $server;
  private $protocol;

-  function __construct ($server='https://cas.utc.fr/cas/', $protocol='https') {
+  public function __construct ($server='https://cas.utc.fr/cas/', $protocol='https') {
    $this->server = $server;
-    $this->protocol = $protocol;
+    $this->protocol = $protocol;
  }

-	public static function authenticate()	{
+	public function authenticate()	{
 		if (!isset($_GET['ticket']) || empty($_GET['ticket']))
 			return -1;

@@ -29,12 +29,12 @@ class CAS {
 	}


-	public static function login() {
+	public function login() {
 		header('Location: '.$this->server.'login?service='.$this->protocol.'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
 	}


-	public static function logout()	{
+	public function logout()	{
 		header('Location: '.$this->server.'logout?service='.$this->protocol.'://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']));//ou SCRIPT_NAME?
 		// On n'utilise pas REQUEST_URI sinon cela déconnecterait à l'infini.
 	}

--- a/lib/db.php
+++ b/lib/db.php
@@ -13,7 +13,7 @@ class DB {
 		}
 	}

-	public static function printHtmlBegin () {
+	public function printHtmlBegin () {
 		echo '<html>';
 		echo '<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/></head>';
 		echo '<title>Api Sub</title>';
@@ -29,7 +29,7 @@ class DB {
 	function subList($utclogin) {
 		$sql = "SELECT code, name, year, semester, TO_CHAR(subdate,'DD/MM/YYYY') as subdate
 						FROM api JOIN subscribe ON api.code=subscribe.api
-						WHERE	student='".$utclogin."'";
+						WHERE	utclogin='".$utclogin."'";
 		$st = $this->conn->prepare($sql);
 		$st->execute();
 		$res = $st->fetchAll(PDO::FETCH_ASSOC);
@@ -82,7 +82,7 @@ class DB {
 	}

 	function unsubToApi($utclogin, $api) {
-		$sql = "DELETE FROM subscribe WHERE student='".$utclogin."' AND api=".$api;
+		$sql = "DELETE FROM subscribe WHERE utclogin='".$utclogin."' AND api=".$api;
 		$res=$this->conn->exec($sql);
 	}